Update to “Ten Easy Cyber Security Measures to Add to Your 2016 List of New Year’s Resolutions”

January 11, 2016January 11, 2016 Kathie McDonald-McClure Cyber Security and Cyber Crime, Data Privacy & Security card skimming, Cyber Security, Cybersecurity Act, FBI, gas pumps, Thorntons

One of the goals of our HITECH Law blog is to start dialogue and share information and insights in the ever changing world of cyber security. In our previous post, “Ten Easy Cyber Security Measures…”, we relayed some information from the FBI about thieves breaking into gas pumps and inserting card readers. One of our readers sent us some additional information we are passing along, with her permission.

“Some responsible retailers have studied how criminals are getting into pumps, and those retailers have invested a lot of time and money in pump protection after delivery from the manufacturer. Because the safety and security of our guests is of utmost importance to us, Thorntons has spent more than $1 million over the past 18 months to make our pumps more secure for our customers. To prevent card skimming at Thorntons’ pumps, we added Continue reading →

Ten Easy Cyber Security Measures To Add To Your 2016 List Of New Year’s Resolutions

December 31, 2015January 6, 2016 Kathie McDonald-McClure Cyber Security and Cyber Crime, Data Privacy & Security, Health Information Technology credit card and debit card fraud, credit card skimmers, credit freeze, cyber liability insurance, identity theft, security of wi-fi networks, strong passwords

When thinking about your 2016 New Year’s resolutions, include some data security resolutions on your list! The Kentucky Chamber of Commerce in coordination with Wyatt Tarrant & Combs, LLP, hosted a Cyber Security and Data Privacy seminar on December 17, 2015. This blog post highlights several ideas for resolutions that came from thoughts expressed by speakers during the seminar. In the coming year, think about what you should be doing to protect your personal identity as well as to protect the personal information of your customers, clients, patients and employees. Here are ten resolutions to get you started:

RESOLUTION #1 – I will NOT use a credit or debit card at a gas pump. This resolution can serve a two-fold purpose: a) You can make progress toward your 10,000 steps by walking to the cashier window, and b) you can protect yourself from identity theft. Dan Jackman, a cyber security task force officer with the FBI, stated during the seminar that thieves are stealing credit card information from gas pumps and explained how they do it. According to Officer Jackman, there are ONLY five different pump keys for the entire Commonwealth of Kentucky. So, dishonest fraudsters take a job with a gas station just to get access to the pump key so they can open the pump casing and change out credit card readers, not just at that station but dozens of stations using the same key. By gaining access to the inside of the pump, they can replace the card reader in a way that it cannot be detected when closing and locking the pump casing. The fraudster makes the switch in the dead of the night. Credit/debit cards are being ripped off in a matter of seconds within the time they are used at a pump with a fake card reader. Apparently, this type of theft is rampant in Kentucky.

Officer Jackman recommends going to the window to use a credit card or pay cash (thereby making this a two-part resolution because you will get some steps). If you cannot break the habit of paying at the pump, then use a prepaid card to limit your losses. Avoid using a debit card tied to your checking account. Continue reading →

Kentucky Chamber To Host Cyber Security Seminar on December 17, 2015

November 20, 2015December 8, 2015 Kathie McDonald-McClure Cyber Security and Cyber Crime, Data Privacy & Security, FTC Enforcement Kentucky Chamber of Commerce, Wyatt Tarrant & Combs law firm

Data privacy and security issues are bursting at the seams in ALL industry sectors due to the ability to connect to the internet through networks, apps and a multitude of devices that enable individuals and organizations to collect, transmit, store and use information in a multitude of ways. Connecting to the internet poses privacy and security risks regarding confidential information that, if used or disclosed in certain ways, can result in significant financial and reputational harm to the entity, its employees, clients, customers and others.

Is your company counting on you to make sure it doesn’t have a data breach and end up on the front page?
Do you know the latest ways that cyber thieves are trying to gain access to your data?
Are you learning from others’ mistakes, so that your company doesn’t have to learn the hard way?
Are your policies in step with state and federal laws and regulations as well as government enforcement trends?
Do you have a plan for dealing with the financial hit that would accompany a data breach?

If these questions have been weighing on you, as your company’s CEO, CFO, IT manager, HR manager, in-house counsel or risk officer, come to a one-day conference on December 17, 2015, in Lexington, Kentucky, hosted by the Kentucky Chamber of Commerce and sponsored by Wyatt, Tarrant & Combs, LLP. Learn about trends in security, legal compliance, risk management and law enforcement on cyber security and data protection and gain practical, hands-on information that you can take back to your company, which will begin paying dividends right away. Continue reading →

Wyatt to sponsor the Kentucky Chamber’s Cyber Security and Data Protection Seminar

November 18, 2015December 8, 2015 Kathie McDonald-McClure Health Information Technology Cyber Security, Data Protection, Kentucky, Kentucky Chamber of Commerce, Lexington

Wyatt will be sponsoring the Kentucky Chamber of Commerce‘s Cyber Security and Data Protection Seminar on December 17, 2015 in Lexington, Kentucky. Kathie McDonald-McClure, Dayo Seton, Lisa Underwood and Martha Ziskind will be presenting on the following topics:

Kathie McDonald-McClure – “Is Your Cybersecurity Policy Up to Snuff? Do You Have One?”
Dayo Seton and Lisa Underwood – “Breaking Developments in Cyber Privacy Law – Is Your Company in the Know?”
Lisa Underwood – “Key Provisions to Address in Agreements with Your Vendors”
Martha Ziskind – “Federal Trade Commission Takes Driver’s Seat in Setting Data Privacy and Security Standards (or Not)”

This seminar will provide attendees with information on how to prevent a data breach from occurring and ensure that their company policies are in step with current federal laws and regulations.

Please click here to view the full agenda and register.

Can’t Complete the Stage 2 MU Summary of Care Measure 3 Test with a CMS Designated Test EHR? CMS Issues New FAQ on Alternative

January 27, 2015 Kathie McDonald-McClure Electronic Health Records, Eligible Professional Incentives, Health Information Technology, HITECH Law, Hospital EHR Incentives, Meaningful Use Electronic Health Records, HITECH Act, Meaningful Use, MU Stage 2 Summary of Care Measure #3

On January 22, 2015, the Centers for Medicare and Medicaid Services (CMS) updated previously posted FAQ No. 11666 to help guide providers who are striving to meet Stage 2 Meaningful Use criteria under the Medicare and Medicaid EHR Incentive Programs implemented by the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009. The updated FAQ addresses the problem providers are having in meeting Measure 3 under the Stage 2 Summary of Care objective. The question posed is:

“When reporting on the Summary of Care objective in the EHR Incentive Programs, how can eligible professionals, eligible hospitals, and critical access hospitals (CAHs) meet measure 3 if they are unable to complete a test with the CMS Designated Test EHR (NIST EHR-Randomizer Application)?”

The CMS answer is as follows: Continue reading →

A legal blog about consumer privacy and data security in a high-tech world

Author: Kathie McDonald-McClure